[Full-disclosure] [ Suresec Advisories ] - Kcheckpass file creation vulnerability
Suresec Advisories
advisories at suresec.org
Wed Sep 7 18:28:32 BST 2005
Suresec Security Advisory - #00006
05/09/05
Kcheckpass file creation vulnerability
Advisory: http://www.suresec.org/advisories/adv6.pdf
Description:
A lockfile handling error was found in kcheckpass which can,
in certain configurations be used to create world writable files.
Exploitation of this vulnerability may lead to elevated privileges .
The vulnerability was discovered by Ilja van Sprundel.
Full-Disclosure is hosted and sponsored by Secunia.